arch/x86 · 2f22b4cd45b67b3496f4aa4c7180a1271c6452f6 · Upstream / linux-stable

x86/speculation/l1tf: Protect swap entries against L1TF

Linus Torvalds authored 7 years ago

With L1 terminal fault the CPU speculates into unmapped PTEs, and resulting
side effects allow to read the memory the PTE is pointing too, if its
values are still in the L1 cache.

For swapped out pages Linux uses unmapped PTEs and stores a swap entry into
them.

To protect against L1TF it must be ensured that the swap entry is not
pointing to valid memory, which requires setting higher bits (between bit
36 and bit 45) that are inside the CPUs physical address space, but outside
any real memory.

To do this invert the offset to make sure the higher bits are always set,
as long as the swap file is not too big.

Note there is no workaround for 32bit !PAE, or on systems which have more
than MAX_PA/2 worth of memory. The later case is very unlikely to happen on
real systems.

[AK: updated description and minor tweaks by. Split out from the original
     patch ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Andi Kleen <ak@l...

2f22b4cd

Name	Last commit	Last update
..
boot	Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip	7 years ago
configs	x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*'	7 years ago
crypto	crypto: x86/salsa20 - remove x86 salsa20 implementations	7 years ago
entry	docs: Fix some broken references	7 years ago
events	treewide: kzalloc() -> kcalloc()	7 years ago
hyperv	x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header	7 years ago
ia32	syscalls/x86: auto-create compat_sys_*() prototypes	7 years ago
include	x86/speculation/l1tf: Protect swap entries against L1TF	7 years ago
kernel	Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables	7 years ago
kvm	KVM: x86: VMX: redo fix for link error without CONFIG_HYPERV	7 years ago
lib	Merge tag 'libnvdimm-for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm	7 years ago
math-emu	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	7 years ago
mm	treewide: use PHYS_ADDR_MAX to avoid type casting ULLONG_MAX	7 years ago
net	treewide: kmalloc() -> kmalloc_array()	7 years ago
oprofile	x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()	7 years ago
pci	treewide: kzalloc() -> kcalloc()	7 years ago
platform	treewide: kzalloc() -> kcalloc()	7 years ago
power	x86/mm: Stop pretending pgtable_l5_enabled is a variable	7 years ago
purgatory	kernel/kexec_file.c: move purgatories sha256 to common code	7 years ago
ras	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	7 years ago
realmode	x86-64/realmode: Add instruction suffix	7 years ago
tools	x86: Treat R_X86_64_PLT32 as R_X86_64_PC32	7 years ago
um	Merge tag 'kconfig-v4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild	7 years ago
video	x86/video: Don't assume all FB devices are PCI devices	9 years ago
xen	Merge tag 'for-linus-4.18-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip	7 years ago
.gitignore
Kbuild
Kconfig
Kconfig.cpu
Kconfig.debug
Makefile
Makefile.um
Makefile_32.cpu

GitLab

Menu

Download source code

Download this directory